Is this a good/safe way to make an online account database?

I want to have an online account database for my app and I’ve managed so that I can download a database file (though its not encrypted ) from an URL and put it in the tmp folder.
Then I’m able to add new accounts to the file, so far so good, except the encrypting thing.
What I will try todo next is to upload the new data to the server.

Questions:

1. Is there a way to just write to the file while it’s on the server instead of downloading it? Though it must check if the username chosen already exists in the database.

2. How do I decrypt a file in Corona?

3. How do I delete files in the tmp directory?

4. Is all this safe?! [import]uid: 24111 topic_id: 20174 reply_id: 320174[/import]

First, you do not need to be downloading the database, updating and then uploading it again. Your data will become stale. What happens if two people download and update at nearly the same time. We both get a copy. You add your info and upload it with your login info, then I upload my copy with my login info and without yours. You’re going to create headaches for yourself.

As for encryption. If you encrypt your data, you are going to have to jump through a bunch of government paperwork if you want your app in any store other than the one for your country, i.e. if you are in the US, you have to fill out a bunch of paper work if you want to sell your app in Europe if you encrypt your data.

That said, you should be able to use https protocol with network.request() calls to talk to a server that knows https. You should create your database on some web service (Amazon has a nice service for this) and then you just do HTTP GET and HTTP PUT requests to add people to the database and log them in.

I know this is very high level, but it’s not an easy process and if you’re not done host side database programming, you should probably consider hiring the server part of your game out.

[import]uid: 19626 topic_id: 20174 reply_id: 78827[/import]

1. what type of data, does it really need to be encrypted?
   If you know how to do web programming you could read/write data to the web with a asp.net webservice or use something else like PHP.

2. Corona does have encrypt routines in their API
   http://developer.anscamobile.com/reference/crypto

3. you can delete a file using the File IO apis
   http://developer.anscamobile.com/content/file-io
   os.remove( filePath ) – delete the file

4. depends on what your sending to how safe it is. You can encrypt the data to make it safer.

[import]uid: 11860 topic_id: 20174 reply_id: 78818[/import]

Yeah robmiracle makes a great point about the encryption and countries, but that should only apply if you are encrypting locally and then uploading using the api.

If you encrypt on the server side ( i think you will be safe ).

that being said using https and uploading your data should be pretty secure.

Larry [import]uid: 11860 topic_id: 20174 reply_id: 78829[/import]

Thanks for the answers!

The main thing in the database is all the accounts username and passwords.

I will try out the https things soon [import]uid: 24111 topic_id: 20174 reply_id: 78893[/import]

Is this the Amazon thingy that I should use?

http://aws.amazon.com/simpledb/ [import]uid: 24111 topic_id: 20174 reply_id: 78906[/import]

That’s what I was referring to.
[import]uid: 19626 topic_id: 20174 reply_id: 78914[/import]

Okay I’m trying ftp on my own ftp server at the moment (haven’t tried Amazon yet).

I’m using FTP Helper ( http://developer.anscamobile.com/node/5061 ) to upload and downloading files but I want to write data directly to the db file without downloading it first. Is it possible with SQLite and Corona?

EDIT:

Btw, I can download files and edit them but when I upload files they are 0 kb and I can’t open them anymore [import]uid: 24111 topic_id: 20174 reply_id: 78916[/import]

I took a look at AWS and it sent me running for the woods. I know it will do what you need it to, but the documentation is awful. [import]uid: 19626 topic_id: 20174 reply_id: 78927[/import]